HackerTrans
TopNewTrendsCommentsPastAskShowJobs

goupil

no profile record

comments

goupil
·2 years ago·discuss
That's a very valid point, as an automated attack could then be performed. I guess it would at least help against an attacker that would be manually checking what's inside the packets captured, or that would let his attack passively capture everything for a while and then proceed to attack.
goupil
·2 years ago·discuss
If your 1password is compromised, then loss of the password would mean loss of the TOTP, in which case TOTP doesn't help.

But there are other scenarios where your password could be stolen without someone getting access to your 1password, for instance if your connection isn't protected and a man in the middle can intercept your password.

In the end, I would argue that having TOTP in the same place as your password is weaker than having it somewhere else, but it's still better than no 2FA
goupil
·2 years ago·discuss
It's sad to see so many discussions on security and so little on privacy. How about solutions that could combine both, such as homomorphic encryption for AI?